Kone hidastelee - HjT logi

ikgiejtr · Sep 20, 2008

Voisiko joku tarkastaa tämän?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:54:14, on 20.9.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O1 - Hosts: 127.255.255.255 www.alcohol-soft.com
O1 - Hosts: 127.255.255.255 images.alcohol-soft.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Startup: America Online 5.0 Tray Icon.lnk = C:\America Online 5.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Lataa FlashGetillä
- C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Lataa kaikki FlashGetillä
- C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Extract Flash Video with Bytescout... - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Extract Flash Video with Bytescout... - {40458FD0-2D07-4DAD-B385-3AD66DD50E95} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: Extract Flash Video with Bytescout... - {64F0BE80-6402-4031-B719-D064A55E9C35} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {A169B679-AC01-42B2-973F-78235EFA816A} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra 'Tools' menuitem: Extract Flash Video with Bytescout... - {A169B679-AC01-42B2-973F-78235EFA816A} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitComet AntiARP - Unknown owner - C:\Program Files\BitCometAntiARP\BitCometAntiARP.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 10033 bytes

Hujo · Sep 20, 2008

Poista lisää poista sovelutuksesta

Spybot - Search & Destroy

poista vikasiedossa

C:\Program Files\Spybot - Search & Destroy

=============

Avaa Windows Defender.
Klikkaa Tools ja General Settings.
Selaa alas ja ota rasti pois Turn on real-time protection (recommended)-kohdasta.
Tämän jälkeen klikkaa Save ja sulje Windows Defender.

Äläkkä laita päälle

=========

1.Lataa Combofix.exe työpöydällesi yhdestä linkistä:
Combofix1
Combofix2

2. Tuplaklikkaa Combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

=============

Lataa Malwarebytes' Anti-Malware työpöydällesi.

1. Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
2. Lopuksi varmistu, että seuraavat on valittu: Update Malwarebytes', Anti-Malwareja
Launch Malwarebytes' Anti-Malware ja sen jälkeen klikkaaFinish.
3. Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version.
4. Kun ohjelma on latautunut, valitse Perform full scan ja klikkaa Scan.
5. Kun skanni on valmis, klikkaa OK ja sitten Show Results nähdäksesi tulokset.
6. Varmistu, että kaikki on merkitty ja klikkaa Remove Selected.
7. Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki
löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application
Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
8. Lähetä lokin sisältö seuraavassa viestissäsi

ikgiejtr · Sep 21, 2008

Combofix loki
--------------

ComboFix 08-09-20.05 - K„ytt„j„ 2008-09-21 15:55:53.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1035.18.1306 [GMT 3:00]
Sijainti: C:\Users\K„ytt„j„\Desktop\ComboFix.exe
* Uusi palautuspiste luotu
.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\MSINET.oca

.
((((((((((((((((((((((((((((((((((((((( Ajurit/Palvelut )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_XPROTECTOR
-------\Service_XPROTECTOR

((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-08-21 to 2008-09-21 )))))))))))))))))
.

2008-09-21 16:02 . 2008-09-21 16:03 277,072,143 --a------ C:\Windows\MEMORY.DMP
2008-09-21 01:53 . 2008-09-21 01:53 <KANSIO> d--h-c--- C:\Users\All Users\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
2008-09-21 01:53 . 2008-09-21 01:53 <KANSIO> d--h-c--- C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
2008-09-21 01:44 . 2008-09-21 01:44 <KANSIO> d-------- C:\Users\All Users\Electronic Arts
2008-09-21 01:44 . 2008-09-21 01:44 <KANSIO> d-------- C:\ProgramData\Electronic Arts
2008-09-21 01:41 . 2008-09-21 01:41 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Videos
2008-09-21 01:41 . 2008-09-21 01:41 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Searches
2008-09-21 01:41 . 2008-09-21 01:41 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Saved Games
2008-09-21 01:41 . 2008-09-21 01:41 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Pictures
2008-09-21 01:41 . 2008-09-21 01:41 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Links
2008-09-21 01:41 . 2008-09-21 01:41 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Downloads
2008-09-21 01:41 . 2008-09-21 01:41 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Documents
2008-09-20 04:00 . 2008-09-20 04:05 <KANSIO> d-------- C:\Windows\$regcmp$
2008-09-14 20:18 . 2007-10-12 15:14 3,734,536 --a------ C:\Windows\System32\d3dx9_36.dll
2008-09-14 20:18 . 2007-10-12 15:14 1,374,232 --a------ C:\Windows\System32\D3DCompiler_36.dll
2008-09-14 20:18 . 2007-10-02 09:56 444,776 --a------ C:\Windows\System32\d3dx10_36.dll
2008-09-14 20:18 . 2007-10-22 03:39 267,272 --a------ C:\Windows\System32\xactengine2_10.dll
2008-09-14 20:18 . 2007-10-22 03:37 17,928 --a------ C:\Windows\System32\X3DAudio1_2.dll
2008-09-13 23:34 . <KANSIO> C:\Users\Käyttäjä\AppData\Roaming\Command & Conquer 3 Kane's Wrath
2008-09-11 12:19 . 2008-07-31 04:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-09-11 12:19 . 2008-07-31 06:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-09-11 12:18 . 2008-08-02 04:01 625,152 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
2008-09-11 12:18 . 2008-06-26 06:29 565,248 --a------ C:\Windows\System32\emdmgmt.dll
2008-09-11 12:18 . 2008-06-26 06:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
2008-09-11 12:18 . 2008-05-08 22:21 211,968 --a------ C:\Windows\System32\drivers\mrxsmb10.sys
2008-09-11 12:18 . 2008-05-20 05:07 148,480 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-09-11 12:18 . 2008-06-26 06:29 45,056 --a------ C:\Windows\System32\dataclen.dll
2008-09-11 12:18 . 2008-08-02 06:26 36,864 --a------ C:\Windows\System32\cdd.dll
2008-09-09 04:29 . 2008-09-09 04:45 <KANSIO> d-------- C:\Program Files\Common Files\AVSMedia
2008-09-09 04:29 . 2003-05-22 12:26 638,976 --a------ C:\Windows\System32\divx.dll
2008-09-09 04:29 . 2002-08-20 00:41 413,760 --a------ C:\Windows\System32\mpg4c32.dll
2008-09-09 04:29 . 2003-05-21 23:50 261,632 --a------ C:\Windows\System32\mcdvd_32.dll
2008-09-09 04:29 . 2003-05-22 12:26 221,215 --a------ C:\Windows\System32\divxdec.ax
2008-09-09 04:29 . 2003-05-21 23:50 156,910 --a------ C:\Windows\WMSysPr8.prx
2008-09-09 04:29 . 2003-05-21 23:50 82,944 --a------ C:\Windows\System32\vct3216.acm
2008-09-09 04:29 . 2004-02-04 21:11 81,920 --a------ C:\Windows\System32\AC3ACM.acm
2008-09-09 04:29 . 2004-09-06 16:06 53,248 --a------ C:\Windows\System32\xvid.ax
2008-09-09 04:29 . 2003-05-21 23:50 38,912 --a------ C:\Windows\System32\alf2cd.acm
2008-09-09 04:29 . 2000-03-14 20:55 13,239 --a------ C:\Windows\System32\Scg726.acm
2008-09-08 19:21 . <KANSIO> C:\Users\Käyttäjä\AppData\Roaming\Windows Live Writer
2008-09-08 19:12 . 2008-09-08 19:25 <KANSIO> d----c--- C:\Windows\System32\DRVSTORE
2008-09-08 19:11 . 2008-09-08 19:11 <KANSIO> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-09-08 19:02 . 2008-09-08 19:03 <KANSIO> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-09-08 19:01 . 2008-09-08 19:01 <KANSIO> d-------- C:\Users\All Users\WLInstaller
2008-09-08 19:01 . 2008-09-08 19:01 <KANSIO> d-------- C:\ProgramData\WLInstaller
2008-09-08 19:01 . 2008-09-09 15:00 <KANSIO> d-------- C:\Program Files\Windows Live
2008-09-07 21:27 . 2008-09-07 22:08 <KANSIO> d-------- C:\Users\All Users\CMUV
2008-09-07 21:27 . 2008-09-07 22:08 <KANSIO> d-------- C:\ProgramData\CMUV
2008-09-02 21:46 . 2008-09-20 00:38 <KANSIO> d-------- C:\Program Files\BBViewer
2008-08-27 13:42 . 2008-07-19 08:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-08-27 13:42 . 2008-07-19 06:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-08-27 13:42 . 2008-07-19 08:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-08-27 13:42 . 2008-07-19 06:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-08-27 13:42 . 2008-07-19 08:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-08-27 13:42 . 2008-07-19 08:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-08-27 13:42 . 2008-07-19 08:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-08-27 13:41 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-08-27 13:41 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-08-25 18:49 . 2008-09-20 00:38 <KANSIO> d-------- C:\Program Files\Boilsoft Video Joiner

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-21 13:05 --------- d-----w C:\Program Files\Steam
2008-09-21 13:04 --------- d-----w C:\Program Files\Packard Bell Data Secure
2008-09-21 12:53 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-21 12:53 --------- d-----w C:\Program Files\Electronic Arts
2008-09-21 02:05 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-09-21 01:31 --------- d-----w C:\Program Files\Syntax Wizard II
2008-09-20 22:35 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\uTorrent
2008-09-20 16:35 --------- d-----w C:\Program Files\Paradox Interactive
2008-09-20 16:03 --------- d-----w C:\Program Files\DC++
2008-09-19 22:10 --------- d-----w C:\Program Files\Firaxis Games
2008-09-19 22:08 --------- d-----w C:\Program Files\Yahoo!
2008-09-19 22:01 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Yahoo!
2008-09-19 22:01 --------- d-----w C:\ProgramData\Yahoo!
2008-09-19 21:38 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Movies Extractor Scout
2008-09-19 21:38 --------- d-----w C:\Program Files\uTorrent
2008-09-19 21:38 --------- d-----w C:\Program Files\Silent Hill
2008-09-19 21:38 --------- d-----w C:\Program Files\CCleaner
2008-09-18 01:03 --------- d---a-w C:\ProgramData\TEMP
2008-09-17 02:41 --------- d-----w C:\Program Files\Common Files\Steam
2008-09-15 23:20 --------- d-----w C:\ProgramData\Media Center Programs
2008-09-14 20:41 --------- d-----w C:\Program Files\FlashGet
2008-09-14 17:35 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-09-13 18:59 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Command and Conquer 3 Tiberium Wars
2008-09-13 16:51 --------- d-----w C:\ProgramData\X10 Settings
2008-09-11 09:21 --------- d-----w C:\Program Files\Microsoft Works
2008-09-09 21:04 38,528 ----a-w C:\Windows\system32\drivers\mbamswissarmy.sys
2008-09-09 21:03 17,200 ----a-w C:\Windows\system32\drivers\mbam.sys
2008-09-09 01:05 --------- d-----w C:\Program Files\Replay Converter
2008-09-08 15:45 --------- d-----w C:\Program Files\BitComet
2008-09-05 18:15 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-09-05 18:15 22,328 ----a-w C:\Users\Käyttäjä\AppData\Roaming\PnkBstrK.sys
2008-08-19 11:14 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-18 14:40 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\Malwarebytes
2008-08-18 14:40 --------- d-----w C:\ProgramData\Malwarebytes
2008-08-18 14:05 --------- d-----w C:\Program Files\Logitech
2008-08-17 21:13 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-08-17 17:43 --------- d-----w C:\ProgramData\Lavasoft
2008-08-17 17:07 --------- d-----w C:\Program Files\Trend Micro
2008-08-17 16:00 --------- d-----w C:\Program Files\Registry Clean Expert
2008-08-17 15:22 --------- d-----w C:\Program Files\Windows Mail
2008-08-16 19:46 --------- d-----w C:\Program Files\Lavasoft
2008-08-07 13:28 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\DMCache
2008-08-07 13:26 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\IDM
2008-08-01 14:30 --------- d-----w C:\Users\Käyttäjä\AppData\Roaming\gtk-2.0
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-13 19:17 918 ----a-w C:\Users\Käyttäjä\AppData\Roaming\wklnhst.dat
2008-04-18 16:37 174 --sha-w C:\Program Files\desktop.ini
2007-12-25 09:58 32 ----a-w C:\Users\All Users\ezsid.dat
2007-12-25 09:58 32 ----a-w C:\ProgramData\ezsid.dat
2007-03-09 07:12 27,648 --sha-w C:\Windows\System32\AVSredirect.dll
.

(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 125952]
"Packard Bell Data Secure"="C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe" [2006-06-20 2361856]
"Steam"="c:\program files\steam\steam.exe" [2008-03-28 1271032]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-11 1838592]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
"amd_dc_opt"="C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2006-11-17 77824]
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-02-10 90192]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-02-10 8429568]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-02-10 81920]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 C:\Windows\RtHDVCpl.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]

C:\Users\K„ytt„j„\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
America Online 5.0 Tray Icon.lnk - C:\America Online 5.0\aoltray.exe [2007-12-25 32768]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.avis"= ff_acm.acm
"msacm.iac2"= C:\PROGRA~1\REPLAY~1\iac25_32.ax

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-302367918-135210410-691609199-1000]
"EnableNotificationsRef"=dword:00000002

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{851829E2-A044-4FE3-9A14-3798F8EF784C}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper
"UDP Query User{1DC61A2D-2ADE-49B3-8922-AA368EF90E7E}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper
"TCP Query User{8530A6FF-76C1-4584-8327-D50A6916BD25}C:\\program files\\ubisoft\\crytek\\far cry\\bin32\\farcry.exe"= UDP:C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe:Far Cry
"UDP Query User{B54336C4-81A6-41CF-947B-062FF55DB3E1}C:\\program files\\ubisoft\\crytek\\far cry\\bin32\\farcry.exe"= TCP:C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe:Far Cry
"TCP Query User{0B916478-9CB8-426E-BBAE-5AABA31D0587}C:\\program files\\dc++\\dcplusplus.exe"= UDP:C:\program files\dc++\dcplusplus.exeC++
"UDP Query User{FE29593B-DF0E-4E62-8362-B2BA62BD2010}C:\\program files\\dc++\\dcplusplus.exe"= TCP:C:\program files\dc++\dcplusplus.exeC++
"TCP Query User{55238BA1-C812-4EFF-AEB5-23377405C84B}C:\\sierra\\counter-strike\\cstrike.exe"= UDP:C:\sierra\counter-strike\cstrike.exe:CounterStrike Launcher
"UDP Query User{06680A35-850A-4115-8278-7F7DB6EA3AC0}C:\\sierra\\counter-strike\\cstrike.exe"= TCP:C:\sierra\counter-strike\cstrike.exe:CounterStrike Launcher
"TCP Query User{BC67EEA6-7853-4130-9C94-8295CA759F51}C:\\program files\\sierra on-line\\sigspat.exe"= UDP:C:\program files\sierra on-line\sigspat.exe:SIGSPat
"UDP Query User{B9BDF4E7-9B30-4B28-B0B5-817E9BDB5C8F}C:\\program files\\sierra on-line\\sigspat.exe"= TCP:C:\program files\sierra on-line\sigspat.exe:SIGSPat
"TCP Query User{0BB11B7F-DB79-4185-B4D1-4ABDBE4B57E6}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule Plus
"UDP Query User{5D8A9764-6183-4C4C-8730-0E123C675CBC}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule Plus
"TCP Query User{F537935F-7259-4B04-840D-27B59D2CDE43}C:\\westwood\\ra2\\patchget.dat"= UDP:C:\westwood\ra2\patchget.datatchgrabber
"UDP Query User{A3038DC2-A495-441C-9438-1D06F1272715}C:\\westwood\\ra2\\patchget.dat"= TCP:C:\westwood\ra2\patchget.datatchgrabber
"TCP Query User{3D3D9467-85A4-445B-965D-BD854C5F906E}C:\\program files\\ea games\\battlefield 1942\\bf1942.exe"= UDP:C:\program files\ea games\battlefield 1942\bf1942.exe:BF1942
"UDP Query User{80E8EB97-9281-406F-94DD-9164E2599B7D}C:\\program files\\ea games\\battlefield 1942\\bf1942.exe"= TCP:C:\program files\ea games\battlefield 1942\bf1942.exe:BF1942
"TCP Query User{A3743253-B3AD-412D-90B4-B90A018ED00E}C:\\program files\\ea games\\battlefield 1942\\bf1942_w32ded.exe"= UDP:C:\program files\ea games\battlefield 1942\bf1942_w32ded.exe:BF1942_w32ded
"UDP Query User{16C7B688-B965-4A00-A017-58C28EE29C5E}C:\\program files\\ea games\\battlefield 1942\\bf1942_w32ded.exe"= TCP:C:\program files\ea games\battlefield 1942\bf1942_w32ded.exe:BF1942_w32ded
"TCP Query User{31AC90E4-9465-4D68-A917-5A7E3D97125B}C:\\program files\\codemasters\\operation flashpoint\\flashpointresistance.exe"= UDP:C:\program files\codemasters\operation flashpoint\flashpointresistance.exe:Operation Flashpoint
"UDP Query User{7F062C06-5CF8-4B9A-8429-20E121A42D53}C:\\program files\\codemasters\\operation flashpoint\\flashpointresistance.exe"= TCP:C:\program files\codemasters\operation flashpoint\flashpointresistance.exe:Operation Flashpoint
"TCP Query User{AAA6AC3F-6092-4D16-831E-932E46C5B500}C:\\westwood\\ra2\\game.exe"= UDP:C:\westwood\ra2\game.exe:Main executable for Red Alert 2
"UDP Query User{1448E380-56CE-4E8B-A706-1713F455F327}C:\\westwood\\ra2\\game.exe"= TCP:C:\westwood\ra2\game.exe:Main executable for Red Alert 2
"TCP Query User{DDE93EC7-1FFC-4FFE-94C5-2BF597D0792F}C:\\program files\\sierra\\fear\\fpupdate.exe"= UDP:C:\program files\sierra\fear\fpupdate.exe:fpupdate
"UDP Query User{BAD3BA57-B752-41CC-8F28-9DE0C27EF981}C:\\program files\\sierra\\fear\\fpupdate.exe"= TCP:C:\program files\sierra\fear\fpupdate.exe:fpupdate
"{423C0603-F910-4662-A5A5-BB534C4B0854}"= UDP:C:\Program Files\Sierra\FEAR\FEAR.exe:FEAR
"{A8FD1C95-DB48-4D22-A978-A0AC6FA799D3}"= TCP:C:\Program Files\Sierra\FEAR\FEAR.exe:FEAR
"{D2715221-5E98-4F10-ADD7-49F1F380304D}"= UDP:C:\Program Files\Sierra\FEAR\FEARMP.exe:FEAR
"{BC572C1E-8409-4048-B109-4AC0E762359B}"= TCP:C:\Program Files\Sierra\FEAR\FEARMP.exe:FEAR
"TCP Query User{C71023DF-9531-4FB5-A6DD-7971D308152B}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{B844A997-B17C-45CB-A91F-CF8FAF34452C}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"{2677EB46-BFDD-485A-92FC-DAB22D4183A5}"= UDP:C:\Program Files\uTorrent\utorrent.exe:µTorrent
"{E04A1B57-D344-4943-BA21-DE045B0CBE99}"= TCP:C:\Program Files\uTorrent\utorrent.exe:µTorrent
"{8BFDE158-C5C1-43DA-A423-036DBFC10F6A}"= UDP:C:\Program Files\uTorrent\utorrent.exe:µTorrent
"{2CF8C639-49FB-4BC8-8B99-09303709DA18}"= TCP:C:\Program Files\uTorrent\utorrent.exe:µTorrent
"TCP Query User{B08D7A6E-72A5-4D62-B436-17AB4642D97D}C:\\program files\\dc++\\dcplusplus.exe"= UDP:C:\program files\dc++\dcplusplus.exeC++
"UDP Query User{650A2A88-53D3-45FF-B3AD-5188285DEDF7}C:\\program files\\dc++\\dcplusplus.exe"= TCP:C:\program files\dc++\dcplusplus.exeC++
"TCP Query User{D0AB7A11-DC9E-4D4B-B69A-AA07F954FF1A}C:\\program files\\ea games\\battlefield 1942\\bf1942.exe"= UDP:C:\program files\ea games\battlefield 1942\bf1942.exe:BF1942
"UDP Query User{22068757-C2DE-43A1-B32A-155F2F52B324}C:\\program files\\ea games\\battlefield 1942\\bf1942.exe"= TCP:C:\program files\ea games\battlefield 1942\bf1942.exe:BF1942
"TCP Query User{6A4FC55B-72DD-47F7-A4DA-789EE2E13177}C:\\program files\\ea games\\command and conquer generals\\patchget.dat"= UDP:C:\program files\ea games\command and conquer generals\patchget.datatchgrabber
"UDP Query User{0D74DA4C-E95C-4A6E-917E-29E4B66FDACE}C:\\program files\\ea games\\command and conquer generals\\patchget.dat"= TCP:C:\program files\ea games\command and conquer generals\patchget.datatchgrabber
"TCP Query User{7C584B81-A4DE-48A7-825B-39094C3C86A4}C:\\program files\\ea games\\command and conquer generals\\game.dat"= UDP:C:\program files\ea games\command and conquer generals\game.dat:game
"UDP Query User{61A724DE-69D3-447B-81AC-9C83A4E1915B}C:\\program files\\ea games\\command and conquer generals\\game.dat"= TCP:C:\program files\ea games\command and conquer generals\game.dat:game
"TCP Query User{72E7A821-15D9-421D-A614-AC661ADC1D82}C:\\matrix games\\steel panthers world at war\\mech.exe"= UDP:C:\matrix games\steel panthers world at war\mech.exe:mech
"UDP Query User{2053BF0F-E730-467C-BFDE-AF4B50DFBF6D}C:\\matrix games\\steel panthers world at war\\mech.exe"= TCP:C:\matrix games\steel panthers world at war\mech.exe:mech
"TCP Query User{81395AC7-E403-4D0C-A23A-6BE5C1E7616A}C:\\program files\\rockstar games\\grand theft auto\\wino\\grand theft auto.exe"= UDP:C:\program files\rockstar games\grand theft auto\wino\grand theft auto.exe:Grand Theft Auto
"UDP Query User{00BC29BA-E2E3-4660-AA82-0382851B2C7E}C:\\program files\\rockstar games\\grand theft auto\\wino\\grand theft auto.exe"= TCP:C:\program files\rockstar games\grand theft auto\wino\grand theft auto.exe:Grand Theft Auto
"TCP Query User{532D5697-E081-406F-B331-7190E50B57AD}C:\\program files\\abc\\abc.exe"= UDP:C:\program files\abc\abc.exe:abc
"UDP Query User{3F24B391-B9EF-4992-AC66-339C6A862B66}C:\\program files\\abc\\abc.exe"= TCP:C:\program files\abc\abc.exe:abc
"TCP Query User{C1F317CF-E76C-4B3D-B45B-866C5F439E0B}C:\\program files\\bittorrent\\bittorrent.exe"= UDP:C:\program files\bittorrent\bittorrent.exe:bittorrent
"UDP Query User{E85A7521-8EB9-45C6-A6C3-93D8B32BFA53}C:\\program files\\bittorrent\\bittorrent.exe"= TCP:C:\program files\bittorrent\bittorrent.exe:bittorrent
"TCP Query User{0ABCA218-B800-47DF-9A7F-548996989AAA}C:\\program files\\paradox interactive\\hearts of iron 2\\hoi2.exe"= UDP:C:\program files\paradox interactive\hearts of iron 2\hoi2.exe:Hearts of Iron 2
"UDP Query User{C5EC27EE-09C8-4850-AF97-AC198241F8A8}C:\\program files\\paradox interactive\\hearts of iron 2\\hoi2.exe"= TCP:C:\program files\paradox interactive\hearts of iron 2\hoi2.exe:Hearts of Iron 2
"TCP Query User{6CB0E79E-E06E-4D68-BB6D-A86123400C81}C:\\program files\\paradox entertainment\\hearts of iron\\hoi.exe"= UDP:C:\program files\paradox entertainment\hearts of iron\hoi.exe:Hearts of Iron
"UDP Query User{F6FC7289-5005-47CA-A672-D9224586D0C8}C:\\program files\\paradox entertainment\\hearts of iron\\hoi.exe"= TCP:C:\program files\paradox entertainment\hearts of iron\hoi.exe:Hearts of Iron
"TCP Query User{235691EB-B5AB-4FCB-9129-18C1E9A3088F}C:\\program files\\valve\\steam\\steamapps\\user\\counter-strike source\\hl2.exe"= UDP:C:\program files\valve\steam\steamapps\user\counter-strike source\hl2.exe:hl2
"UDP Query User{776D626D-07BF-47CC-A1B3-128C86004D27}C:\\program files\\valve\\steam\\steamapps\\user\\counter-strike source\\hl2.exe"= TCP:C:\program files\valve\steam\steamapps\user\counter-strike source\hl2.exe:hl2
"TCP Query User{5E13FDC5-DB8D-4D10-AC19-CB26265DAD47}C:\\program files\\valve\\steam\\steamapps\\user\\half-life 2\\hl2.exe"= UDP:C:\program files\valve\steam\steamapps\user\half-life 2\hl2.exe:hl2
"UDP Query User{9A19436F-DA11-445E-8E78-B3FB5418ECF3}C:\\program files\\valve\\steam\\steamapps\\user\\half-life 2\\hl2.exe"= TCP:C:\program files\valve\steam\steamapps\user\half-life 2\hl2.exe:hl2
"TCP Query User{45489C79-FD9D-46DB-BB27-DF759F336F1B}C:\\program files\\activision\\call of duty 2\\cod2mp_s.exe"= UDP:C:\program files\activision\call of duty 2\cod2mp_s.exe:CoD2MP_s
"UDP Query User{1DB1C28B-C877-496D-88C4-BD2C72FFD730}C:\\program files\\activision\\call of duty 2\\cod2mp_s.exe"= TCP:C:\program files\activision\call of duty 2\cod2mp_s.exe:CoD2MP_s
"TCP Query User{77683F9C-AF9D-4FEA-ADA6-B8EE9B599BB8}C:\\program files\\the all-seeing eye\\eye.exe"= UDP:C:\program files\the all-seeing eye\eye.exe:Yahoo! All-Seeing Eye
"UDP Query User{109C795B-6172-4FB6-A13F-3179E8C5110C}C:\\program files\\the all-seeing eye\\eye.exe"= TCP:C:\program files\the all-seeing eye\eye.exe:Yahoo! All-Seeing Eye
"{316E9CE2-D098-4F50-A171-60DC00D5E7BA}"= UDP:21444:BitComet 21444 TCP
"{96984EAF-7DBF-41F7-B33C-1B127F99CFC9}"= TCP:21444:BitComet 21444 UDP
"{2E0895A7-2B45-4920-812D-DC42D71CCD47}"= UDP:C:\Users\Käyttäjä\Desktop\utorrent.exe:µTorrent
"{45D69305-B909-4862-8F82-3474545526E1}"= TCP:C:\Users\Käyttäjä\Desktop\utorrent.exe:µTorrent
"TCP Query User{61CE4598-42C5-4EBA-8BF1-BEB12C6DE3DE}C:\\program files\\warzone\\lobbyclient.exe"= UDP:C:\program files\warzone\lobbyclient.exe:LobbyClient
"UDP Query User{04C2EF94-8002-407E-9A08-43826E80B0EF}C:\\program files\\warzone\\lobbyclient.exe"= TCP:C:\program files\warzone\lobbyclient.exe:LobbyClient
"TCP Query User{1EB87469-47B3-4F4D-9381-9925787D3959}C:\\program files\\xfire\\xfire.exe"= UDP:C:\program files\xfire\xfire.exe:Xfire
"UDP Query User{4FC8D993-2B1D-4832-906C-F43FA1FBF1CA}C:\\program files\\xfire\\xfire.exe"= TCP:C:\program files\xfire\xfire.exe:Xfire
"TCP Query User{4EBB575A-B1C1-48EB-8D74-07E8F7221856}C:\\program files\\atari\\axis & allies\\aa.exe"= UDP:C:\program files\atari\axis & allies\aa.exe:AA
"UDP Query User{66FA39C2-9AEF-477C-89AC-89699919BE58}C:\\program files\\atari\\axis & allies\\aa.exe"= TCP:C:\program files\atari\axis & allies\aa.exe:AA
"TCP Query User{FCEC15BD-3C53-46D5-AB29-6E97C8482575}C:\\program files\\nival interactive\\blitzkrieg\\run\\game.exe"= UDP:C:\program files\nival interactive\blitzkrieg\run\game.exe:Game
"UDP Query User{FFD94723-49F7-414C-8485-1F2BA474395B}C:\\program files\\nival interactive\\blitzkrieg\\run\\game.exe"= TCP:C:\program files\nival interactive\blitzkrieg\run\game.exe:Game
"TCP Query User{99155908-3AFF-408D-85DE-539258CEAD6D}C:\\users\\käyttäjä\\desktop\\v\\empires2.exe"= UDP:C:\users\käyttäjä\desktop\v\empires2.exe:empires2.exe
"UDP Query User{1422B2FA-D156-46CC-914E-AD760E7EF947}C:\\users\\käyttäjä\\desktop\\v\\empires2.exe"= TCP:C:\users\käyttäjä\desktop\v\empires2.exe:empires2.exe
"TCP Query User{DD7DD021-4CD6-41BD-B82C-BC915ED47597}C:\\users\\käyttäjä\\desktop\\v\\age2_x1.exe"= UDP:C:\users\käyttäjä\desktop\v\age2_x1.exe:age2_x1.exe
"UDP Query User{4BF014E2-2B53-4757-9252-F140FFB3C03D}C:\\users\\käyttäjä\\desktop\\v\\age2_x1.exe"= TCP:C:\users\käyttäjä\desktop\v\age2_x1.exe:age2_x1.exe
"TCP Query User{F2CC05B0-F964-4E42-8A61-C96B6ABB98CE}C:\\games\\dune 2000\\dune2000.dat"= UDP:C:\games\dune 2000\dune2000.datune2000
"UDP Query User{D23BE387-32DE-4366-B5E7-572242E69BF3}C:\\games\\dune 2000\\dune2000.dat"= TCP:C:\games\dune 2000\dune2000.datune2000
"TCP Query User{228B7B39-8F4B-4954-8293-2380311A512D}C:\\users\\käyttäjä\\desktop\\worldwarcraft\\wowclient-downloader.exe"= UDP:C:\users\käyttäjä\desktop\worldwarcraft\wowclient-downloader.exe:wowclient-downloader.exe
"UDP Query User{AF5CFACF-C96F-4536-8F3F-AC5BCA9FB546}C:\\users\\käyttäjä\\desktop\\worldwarcraft\\wowclient-downloader.exe"= TCP:C:\users\käyttäjä\desktop\worldwarcraft\wowclient-downloader.exe:wowclient-downloader.exe
"TCP Query User{6CBBC407-07C5-4355-BF0B-10B356D7D9CD}C:\\users\\käyttäjä\\desktop\\age of empires 2 gold\\age2_x1.exe"= UDP:C:\users\käyttäjä\desktop\age of empires 2 gold\age2_x1.exe:age2_x1.exe
"UDP Query User{411B3D2A-A878-4E0F-B48D-F243968AB8F2}C:\\users\\käyttäjä\\desktop\\age of empires 2 gold\\age2_x1.exe"= TCP:C:\users\käyttäjä\desktop\age of empires 2 gold\age2_x1.exe:age2_x1.exe
"TCP Query User{E679AD06-993C-4C23-87A4-808858FEED6C}C:\\users\\käyttäjä\\desktop\\age of empires 2 gold\\empires2.exe"= UDP:C:\users\käyttäjä\desktop\age of empires 2 gold\empires2.exe:empires2.exe
"UDP Query User{C33B8E49-E991-488F-810F-F9318394B0B4}C:\\users\\käyttäjä\\desktop\\age of empires 2 gold\\empires2.exe"= TCP:C:\users\käyttäjä\desktop\age of empires 2 gold\empires2.exe:empires2.exe
"{BB0142C6-1468-40C6-8C2F-149E28159EE4}"= UDP:C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords.exe:Sid Meier's Civilization 4 Warlords
"{59233332-8B57-4DA1-84BD-7CD1A67F4B7A}"= TCP:C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords.exe:Sid Meier's Civilization 4 Warlords
"{60A18744-6F20-46FC-81C7-854D2BEA061D}"= UDP:C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords_PitBoss.exe:Sid Meier's Civilization 4 Pitboss
"{FEC7849F-373E-458E-9BA9-6674306A8D21}"= TCP:C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords_PitBoss.exe:Sid Meier's Civilization 4 Pitboss
"{709C32FD-D019-405E-9742-B96956A75812}"= UDP:C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4
"{6E36B1A7-705D-45D5-BD91-7E3699D22A19}"= TCP:C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4
"TCP Query User{BAE307AC-9ED1-4436-993B-051044DDD4B5}C:\\users\\käyttäjä\\desktop\\winmx.exe"= UDP:C:\users\käyttäjä\desktop\winmx.exe:winmx.exe
"UDP Query User{CF519A94-B30E-4BBD-9D67-7F47A18306A0}C:\\users\\käyttäjä\\desktop\\winmx.exe"= TCP:C:\users\käyttäjä\desktop\winmx.exe:winmx.exe
"{BE61F096-F77D-4915-88F6-2CA0F8F11C38}"= UDP:C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe:Sid Meier's Civilization 4 Beyond the Sword
"{80406D12-2592-4155-AF64-0C94B40AD837}"= TCP:C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe:Sid Meier's Civilization 4 Beyond the Sword
"{DF72E40A-9AB2-4BA4-BB47-AFC33C0C4F9C}"= UDP:C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:Sid Meier's Civilization 4 Beyond the Sword Pitboss
"{F4AE63B2-84CC-4E9C-BF05-333EB2004DD8}"= TCP:C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:Sid Meier's Civilization 4 Beyond the Sword Pitboss
"TCP Query User{D1B5508C-210B-4BD2-8739-07134E56495F}C:\\program files\\bohemia interactive\\arma\\arma.exe"= UDP:C:\program files\bohemia interactive\arma\arma.exe:ArmA
"UDP Query User{57D4AFF2-1C16-4716-A432-369EE13CDD04}C:\\program files\\bohemia interactive\\arma\\arma.exe"= TCP:C:\program files\bohemia interactive\arma\arma.exe:ArmA
"TCP Query User{45763EE0-E0F0-4C79-8085-8A03AAC6C847}C:\\matrix games\\steel panthers world at war\\mech.exe"= UDP:C:\matrix games\steel panthers world at war\mech.exe:mech
"UDP Query User{23D40161-73A7-49B1-8DF4-028DE7BC5CBB}C:\\matrix games\\steel panthers world at war\\mech.exe"= TCP:C:\matrix games\steel panthers world at war\mech.exe:mech
"TCP Query User{84091ECE-44A8-448E-879F-C08D678863A2}C:\\program files\\flashget\\flashget.exe"= UDP:C:\program files\flashget\flashget.exe:FlashGet
"UDP Query User{79ADF37F-384C-48E1-98EC-F0AC8E0AA7C0}C:\\program files\\flashget\\flashget.exe"= TCP:C:\program files\flashget\flashget.exe:FlashGet
"{9215D0A7-845A-4E67-8B64-E511531C2495}"= UDP:C:\Program Files\Rockstar Games\GTA San Andreas\gta_sa.exelay GTA San Andreas
"{49B8A749-B6DB-4E55-9A6E-155E72668D0C}"= TCP:C:\Program Files\Rockstar Games\GTA San Andreas\gta_sa.exelay GTA San Andreas
"{3275265E-20B2-4A71-A5A5-9A9A2D810E2E}"= UDP:C:\Program Files\Rockstar Games\GTA San Andreas\samp.exe:San Andreas Multiplayer
"{E3CE4ED1-FA54-4B9B-BF1F-6ADCB54E278F}"= TCP:C:\Program Files\Rockstar Games\GTA San Andreas\samp.exe:San Andreas Multiplayer
"{AC8F9A9B-FB4E-462F-B6DB-468C1CB0FA0B}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis SP Demo\Bin32\Crysis.exe:Crysis_32_sp_demo
"{C8276390-4320-4CE5-9022-2762FF5176E5}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis SP Demo\Bin32\Crysis.exe:Crysis_32_sp_demo
"TCP Query User{1A4C05E3-E77A-4C76-A5E6-68D5883BF6F2}C:\\program files\\ubisoft\\il-2 sturmovik 1946\\il2fb.exe"= UDP:C:\program files\ubisoft\il-2 sturmovik 1946\il2fb.exe:il2fb
"UDP Query User{47EFA44D-F20C-4CB6-A8F9-E63EA441AF54}C:\\program files\\ubisoft\\il-2 sturmovik 1946\\il2fb.exe"= TCP:C:\program files\ubisoft\il-2 sturmovik 1946\il2fb.exe:il2fb
"{81C3C297-4945-41DD-B638-A7271999EDBA}"= UDP:C:\Program Files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"{699763BC-9FAA-4C14-A91E-FE8B2023934B}"= TCP:C:\Program Files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"TCP Query User{33B3A7F1-C8E7-4E7C-B3B2-3C9E4159B72F}C:\\program files\\steam\\steamapps\\gevd\\team fortress 2\\hl2.exe"= UDP:C:\program files\steam\steamapps\gevd\team fortress 2\hl2.exe:hl2
"UDP Query User{6B523C3C-C68D-4F09-BB00-F0458A6B1E4B}C:\\program files\\steam\\steamapps\\gevd\\team fortress 2\\hl2.exe"= TCP:C:\program files\steam\steamapps\gevd\team fortress 2\hl2.exe:hl2
"{B7FFA4D4-546D-4736-A838-F64D39DD724E}"= UDP:C:\Program Files\BitComet\BitComet.exe:BitComet
"{013445F2-B86B-4AED-8547-3BE149E98BEA}"= TCP:C:\Program Files\BitComet\BitComet.exe:BitComet
"TCP Query User{43CAAE22-A4AE-49B8-A675-9B866F1115B8}C:\\program files\\paradox interactive\\doomsday\\hoi2.exe"= UDP:C:\program files\paradox interactive\doomsday\hoi2.exe:Hearts of Iron 2
"UDP Query User{C83D3E15-B28F-4176-8681-19413923706B}C:\\program files\\paradox interactive\\doomsday\\hoi2.exe"= TCP:C:\program files\paradox interactive\doomsday\hoi2.exe:Hearts of Iron 2
"{D9EEDE42-8B6A-4885-A229-5A9C921D6ABD}"= UDP:C:\Windows\System32\PnkBstrA.exenkBstrA
"{50C3AA03-1DC6-4581-BBDB-AA1571EB078F}"= TCP:C:\Windows\System32\PnkBstrA.exenkBstrA
"{22C379AD-0B2F-4175-942B-7049FEB91B36}"= UDP:C:\Windows\System32\PnkBstrB.exenkBstrB
"{E51D23C2-0881-4667-BD11-997243B89FD2}"= TCP:C:\Windows\System32\PnkBstrB.exenkBstrB
"TCP Query User{F39916C8-F279-48FB-BD09-455689BF0A25}C:\\games\\counter-strike source\\hl2.exe"= UDP:C:\games\counter-strike source\hl2.exe:hl2
"UDP Query User{CF609EE2-1951-4B8E-BB4F-C682426F986A}C:\\games\\counter-strike source\\hl2.exe"= TCP:C:\games\counter-strike source\hl2.exe:hl2
"TCP Query User{8C74A2A4-75C7-4106-9897-666B951B2EA1}C:\\program files\\gamespy\\comrade\\comrade.exe"= UDP:C:\program files\gamespy\comrade\comrade.exe:Comrade
"UDP Query User{61D70953-BAE8-42E5-B05C-10973C9FA489}C:\\program files\\gamespy\\comrade\\comrade.exe"= TCP:C:\program files\gamespy\comrade\comrade.exe:Comrade
"TCP Query User{3E53D1F4-27EA-4309-B661-FF4FB005D46C}C:\\program files\\steam\\steamapps\\gevd\\counter-strike source\\hl2.exe"= UDP:C:\program files\steam\steamapps\gevd\counter-strike source\hl2.exe:hl2
"UDP Query User{6B6F78FA-DF94-4EF4-A608-1B3726A2EC22}C:\\program files\\steam\\steamapps\\gevd\\counter-strike source\\hl2.exe"= TCP:C:\program files\steam\steamapps\gevd\counter-strike source\hl2.exe:hl2
"TCP Query User{B79EEA92-7FC2-4B48-A16F-9146D02CEB3B}C:\\program files\\steam\\steamapps\\gevd\\half-life 2 deathmatch\\hl2.exe"= UDP:C:\program files\steam\steamapps\gevd\half-life 2 deathmatch\hl2.exe:hl2
"UDP Query User{CE78611F-68CE-41AC-AE08-C9093F21230B}C:\\program files\\steam\\steamapps\\gevd\\half-life 2 deathmatch\\hl2.exe"= TCP:C:\program files\steam\steamapps\gevd\half-life 2 deathmatch\hl2.exe:hl2
"TCP Query User{C6564CEF-ED94-4D1C-A9E6-45FFFDC159DE}C:\\program files\\steam\\steamapps\\gevd\\day of defeat source\\hl2.exe"= UDP:C:\program files\steam\steamapps\gevd\day of defeat source\hl2.exe:hl2
"UDP Query User{3CEC7962-3772-4418-8EFD-62FAA8317BA7}C:\\program files\\steam\\steamapps\\gevd\\day of defeat source\\hl2.exe"= TCP:C:\program files\steam\steamapps\gevd\day of defeat source\hl2.exe:hl2
"TCP Query User{A9765046-BE25-499D-BBA7-5E870BAE3C5F}C:\\program files\\electronic arts\\need for speed prostreet\\nfs.exe"= UDP:C:\program files\electronic arts\need for speed prostreet\nfs.exe:nfs
"UDP Query User{B8BCFBB4-9623-43C0-95EF-EA9189A702A8}C:\\program files\\electronic arts\\need for speed prostreet\\nfs.exe"= TCP:C:\program files\electronic arts\need for speed prostreet\nfs.exe:nfs
"{773BFED1-C972-4F41-BAF9-ED22CF149DDA}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{B3941D1D-80A0-4671-BDF9-8B2A25B540AA}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"TCP Query User{FF4A9A4D-D59C-40EA-BCAE-32362CBE211C}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper
"UDP Query User{14A4DCD6-FA6A-4836-9F8B-C25F888855C7}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper
"TCP Query User{6CC8D33C-7B54-4269-A8D4-6BF51CEF0537}C:\\program files\\ssi\\pgiii scorched earth\\pg3.exe"= UDP:C:\program files\ssi\pgiii scorched earth\pg3.exeG3
"UDP Query User{659336F5-7B31-4EDB-A096-AB27C0278893}C:\\program files\\ssi\\pgiii scorched earth\\pg3.exe"= TCP:C:\program files\ssi\pgiii scorched earth\pg3.exeG3
"TCP Query User{0E7E323A-4FCD-42B0-A1DF-6C1B4CD61F13}C:\\program files\\ssi\\pgiii scorched earth\\pg3.exe"= UDP:C:\program files\ssi\pgiii scorched earth\pg3.exeG3
"UDP Query User{0A8EE860-6577-4B0A-9CF7-B1C20E0EF90B}C:\\program files\\ssi\\pgiii scorched earth\\pg3.exe"= TCP:C:\program files\ssi\pgiii scorched earth\pg3.exeG3
"{BD743E8D-8BD5-4296-B71C-04B3B34DCD9C}"= UDP:2300:sami
"{3EE567DF-AE98-4D9D-B121-85F0479F7B86}"= UDP:2400:sami1
"TCP Query User{3897B0A2-5C14-46C7-9F0A-EED4DCC4996F}E:\\games2\\ea games\\command and conquer generals\\game.dat"= UDP:E:\games2\ea games\command and conquer generals\game.dat:game
"UDP Query User{0DBEA704-C8D7-4CF5-BDA8-03CA11433AA4}E:\\games2\\ea games\\command and conquer generals\\game.dat"= TCP:E:\games2\ea games\command and conquer generals\game.dat:game
"TCP Query User{5A7B9B9D-957A-4135-8B8D-DFCBB8C4B672}E:\\games2\\ea games\\command & conquer generals zero hour\\game.dat"= UDP:E:\games2\ea games\command & conquer generals zero hour\game.dat:game
"UDP Query User{97126D0D-0A19-4D28-8522-1FAB392127D2}E:\\games2\\ea games\\command & conquer generals zero hour\\game.dat"= TCP:E:\games2\ea games\command & conquer generals zero hour\game.dat:game
"TCP Query User{6E477E2E-C4AA-4B51-98BA-0C69E7EA8315}C:\\program files\\windows sidebar\\sidebar.exe"= UDP:C:\program files\windows sidebar\sidebar.exe:Windowsin sivupalkki
"UDP Query User{E0781F4D-87B5-48E9-B1D3-5CB2C1B21F58}C:\\program files\\windows sidebar\\sidebar.exe"= TCP:C:\program files\windows sidebar\sidebar.exe:Windowsin sivupalkki
"{270619EC-B67C-4958-9038-195D5A955738}"= UDP:C:\Program Files\Syntax Wizard II\Syntax Wizard II.exe:Syntax Wizard II
"{36A5B493-9CEF-4507-9405-689EA8CF478E}"= TCP:C:\Program Files\Syntax Wizard II\Syntax Wizard II.exe:Syntax Wizard II
"TCP Query User{848A792D-4129-4491-AF27-B81110526DE3}C:\\program files\\common files\\ahead\\nero web\\setupx.exe"= UDP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"UDP Query User{B08C8CD9-D028-42EE-B822-060DED12E284}C:\\program files\\common files\\ahead\\nero web\\setupx.exe"= TCP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"{72D65623-1163-47C2-99F6-EFF9C6292EC7}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{6E7F2221-D96A-41DA-8D5E-302B8C351208}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{2687A872-082D-43EE-AEF7-71C13EC5ACBB}"= UDP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{DB4F46DA-99E7-4459-A0B0-599176FD76BF}"= TCP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{990E4FB9-77BA-499E-9A52-089CB6B37637}"= UDP:C:\Program Files\EA Sports\NHL08\nhl2008.exe:NHL® 08
"{73903B54-AF2A-46FC-8354-0878A54EC1BD}"= TCP:C:\Program Files\EA Sports\NHL08\nhl2008.exe:NHL® 08
"TCP Query User{F3754275-9518-43C3-9B75-A57FA9B56303}C:\\users\\käyttäjä\\appdata\\local\\temp\\electronicarts_patcher_000.exe"= UDP:C:\users\käyttäjä\appdata\local\temp\electronicarts_patcher_000.exe:electronicarts_patcher_000.exe
"UDP Query User{078A401F-FA04-4BAF-BB5E-8911F4AAAC50}C:\\users\\käyttäjä\\appdata\\local\\temp\\electronicarts_patcher_000.exe"= TCP:C:\users\käyttäjä\appdata\local\temp\electronicarts_patcher_000.exe:electronicarts_patcher_000.exe
"{79F2CAA1-8802-4D32-80A9-CA87B6E10C25}"= C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat:Command & Conquer 3 Tiberium Wars
"TCP Query User{A1C390AE-DF0A-476A-AC80-127E826CF52B}C:\\program files\\electronic arts\\command & conquer 3\\retailexe\\1.9\\cnc3game.dat"= UDP:C:\program files\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat:Command and Conquer 3 Tiberium Wars™
"UDP Query User{4A04704E-CE4E-41DB-AD48-1FFA670C1607}C:\\program files\\electronic arts\\command & conquer 3\\retailexe\\1.9\\cnc3game.dat"= TCP:C:\program files\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat:Command and Conquer 3 Tiberium Wars™
"TCP Query User{58F72B6D-4424-4DA6-BB19-1ED8FA604A11}C:\\games\\age of empires 2 gold\\age2_x1.exe"= UDP:C:\games\age of empires 2 gold\age2_x1.exe:Age of Empires II Expansion
"UDP Query User{7A82749A-5D42-4750-9EFD-4FF94A6B10AF}C:\\games\\age of empires 2 gold\\age2_x1.exe"= TCP:C:\games\age of empires 2 gold\age2_x1.exe:Age of Empires II Expansion
"{07A0A4DD-A1E9-4BD4-804D-751BA1AAF912}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{DC76FACA-3CB1-4B8E-A2E0-BB3C04E0F108}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"TCP Query User{49A07BE2-3FC0-41F9-B198-8B2A0A60206F}C:\\program files\\bbviewer\\bbviewer.exe"= UDP:C:\program files\bbviewer\bbviewer.exe:BBViewer
"UDP Query User{A729EC2A-E844-437D-8874-86AC13DF02CC}C:\\program files\\bbviewer\\bbviewer.exe"= TCP:C:\program files\bbviewer\bbviewer.exe:BBViewer
"{87114218-5569-4185-9811-E6A7CAD454C5}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{C67DFFB7-50FB-49B6-852E-6E2FBEDCE9E6}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{B461D7F4-8EF5-4729-AE61-050F3B945516}"= C:\Program Files\Electronic Arts\Command & Conquer 3 Kane's Wrath\RetailExe\1.1\cnc3ep1.dat:Command & Conquer(tm) 3: Kane's Wrath

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R2 BitComet AntiARP;BitComet AntiARP;C:\Program Files\BitCometAntiARP\BitCometAntiARP.exe [2007-05-08 484864]
R2 LicCtrlService;LicCtrl Service;C:\Windows\runservice.exe [2007-10-08 2560]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler;C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [2006-11-14 204800]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
R3 X10Hid;X10 Hid Device;C:\Windows\system32\Drivers\x10hid.sys [2006-11-17 13976]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-09-16 92656]
.
'Ajoitetut tehtävät'-kansion sisältö
.
- - - - POISTETUT JÄMÄRIVIT - - - -

HKCU-Run-Yahoo! Pager - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
HKLM-Run-Bride.Ru Inform Tool - (no file)

.
------- Täydentävä tarkistus -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.fi/
O8 -: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 -: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 -: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 -: &Lataa FlashGetillä - C:\Program Files\FlashGet\jc_link.htm
O8 -: &Lataa kaikki FlashGetillä - C:\Program Files\FlashGet\jc_all.htm
O8 -: Download all links with IDM
O8 -: Download FLV video content with IDM
O8 -: Download with IDM
O8 -: Extract Flash Video with Bytescout... - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 -: {40458FD0-2D07-4DAD-B385-3AD66DD50E95} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 -: {64F0BE80-6402-4031-B719-D064A55E9C35} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 -: {A169B679-AC01-42B2-973F-78235EFA816A} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 -: {40458FD0-2D07-4DAD-B385-3AD66DD50E95} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html -
O9 -: {64F0BE80-6402-4031-B719-D064A55E9C35} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html -
O9 -: {A169B679-AC01-42B2-973F-78235EFA816A} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html -
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-21 16:05:24
Windows 6.0.6001 Service Pack 1 NTFS

tarkistaa piilotettuja prosesseja ...

tarkistaa piilotettuja käynnistysarvoja ...

tarkistaa piilotettuja tiedostoja ...

tarkistus on valmis
piilotetut tiedostot: 0

**************************************************************************
.
------------------------ Muut prosessit ------------------------
.
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Windows\System32\audiodg.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\System32\PnkBstrA.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\PROGRA~1\COMMON~1\X10\Common\X10nets.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\ehome\ehsched.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
C:\Windows\ehome\ehrecvr.exe
C:\Windows\System32\conime.exe
C:\Windows\System32\dllhost.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
.
**************************************************************************
.
Valmistumisajankohta: 2008-09-21 16:10:31 - kone käynnistettiin uudelleen [K„ytt„j„]
ComboFix-quarantined-files.txt 2008-09-21 13:10:24

Ennen ajoa: 27ÿ756ÿ519ÿ424 tavua vapaana
Ajon jälkeen: 27,407,765,504 tavua vapaana

429 --- E O F --- 2008-09-19 21:00:21

-------------------------------
Malwarebytes' Anti-Malware Logi
-------------------------------

Malwarebytes' Anti-Malware 1.28
Tietokantaversio: 1180
Windows 6.0.6001 Service Pack 1

21.9.2008 18:06:56
mbam-log-2008-09-21 (18-06-56).txt

Tarkistustyyppi: Täysi tarkistus (C:\|E:\|M:\|)
Tarkistetut kohteet: 252347
Kulunut aika: 1 hour(s), 52 minute(s), 5 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 0

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
(Haitallisia kohteita ei löydetty)

Hujo · Sep 21, 2008

scannaa uusi hjt:n loki

ikgiejtr · Sep 21, 2008

hjt logi
---------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:04:47, on 21.9.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file)
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Startup: America Online 5.0 Tray Icon.lnk = C:\America Online 5.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Lataa FlashGetillä
- C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Lataa kaikki FlashGetillä
- C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Extract Flash Video with Bytescout... - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Extract Flash Video with Bytescout... - {40458FD0-2D07-4DAD-B385-3AD66DD50E95} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: Extract Flash Video with Bytescout... - {64F0BE80-6402-4031-B719-D064A55E9C35} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {A169B679-AC01-42B2-973F-78235EFA816A} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra 'Tools' menuitem: Extract Flash Video with Bytescout... - {A169B679-AC01-42B2-973F-78235EFA816A} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitComet AntiARP - Unknown owner - C:\Program Files\BitCometAntiARP\BitCometAntiARP.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 9023 bytes

Hujo · Sep 21, 2008

scannaa hjt:llä merkkaa paina Fix checked

scannaa hjt.llä merkkaa paina Fix checked

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file)
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -

ikgiejtr · Sep 21, 2008

mitäs nyt sitten?

tässä on uusi Hjt logi

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:36:24, on 22.9.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Startup: America Online 5.0 Tray Icon.lnk = C:\America Online 5.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Lataa FlashGetillä
- C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Lataa kaikki FlashGetillä
- C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Extract Flash Video with Bytescout... - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Extract Flash Video with Bytescout... - {40458FD0-2D07-4DAD-B385-3AD66DD50E95} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: Extract Flash Video with Bytescout... - {64F0BE80-6402-4031-B719-D064A55E9C35} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {A169B679-AC01-42B2-973F-78235EFA816A} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra 'Tools' menuitem: Extract Flash Video with Bytescout... - {A169B679-AC01-42B2-973F-78235EFA816A} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitComet AntiARP - Unknown owner - C:\Program Files\BitCometAntiARP\BitCometAntiARP.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 8503 bytes

Hujo · Sep 22, 2008

Tarkista Kaspersky Online Skannerilla

1. Lue läpi vaatimukset ja yksityisyyssäännökset ja klikkaa Accept.
2. Skannerin ja virustietokannan lataus alkaa. Sinulta kysytään sallitko Kasperskyltä tulevan ohjelman asentamisen. Klikkaa Aja/Run.
3. Kun lataus on valmis, klikkaa Settings.
4. Varmistu, että seuraavat kohdat on valittu. Jos ne eivät ole, valitse ne ja klikkaa Save:
Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Mail databases
5. Klikkaa Oma Tietokone, My Computer Scan-kohdan alapuolelta.
6. Kun tarkistus on valmis, tulokset näytetään. Klikkaa View Scan Report.
7. Näet listan saastuneista kohteista. Klikkaa Save Report As....
8. Tallenna tiedosto työpöydällesi. Muuta Tiedostotyyppi/Files of type muotoon Tekstitiedosto/Text file(.txt) ennen kuin klikkaat Save.
9. Kopioi ja liitä tiedoston sisältö seuraavaan vastaukseesi uuden HijackThis-lokin kera

ikgiejtr · Sep 23, 2008

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, September 23, 2008
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, September 22, 2008 20:57:34
Records in database: 1249052
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\
M:\

Scan statistics:
Files scanned: 277102
Threat name: 3
Infected objects: 3
Suspicious objects: 0
Duration of the scan: 10:53:02

File name / Threat name / Threats count
C:\Downloads\BitAccelerator.exe Infected: not-a-virus:AdTool.Win32.BitAccelerator.m 1
C:\Downloads\BitAccelerator.exe Infected: not-a-virus:AdTool.Win32.BitAccelerator.o 1
C:\Downloads\BitAccelerator.exe Infected: Trojan.Win32.ConnectionServices.aa 1

The selected area was scanned.

---------------
uusi hjt loki
---------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:01:13, on 23.9.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Startup: America Online 5.0 Tray Icon.lnk = C:\America Online 5.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Lataa FlashGetillä
- C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Lataa kaikki FlashGetillä
- C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Extract Flash Video with Bytescout... - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Extract Flash Video with Bytescout... - {40458FD0-2D07-4DAD-B385-3AD66DD50E95} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: Extract Flash Video with Bytescout... - {64F0BE80-6402-4031-B719-D064A55E9C35} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {A169B679-AC01-42B2-973F-78235EFA816A} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra 'Tools' menuitem: Extract Flash Video with Bytescout... - {A169B679-AC01-42B2-973F-78235EFA816A} - C:\Program Files\Bytescout Movies Extractor Scout\flashextract_ie.html
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitComet AntiARP - Unknown owner - C:\Program Files\BitCometAntiARP\BitCometAntiARP.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 8482 bytes

Hujo · Sep 23, 2008

katso löytyykö lisää poista sovelutuksesta

BitAccelerator

Poista

C:\Downloads\BitAccelerator.exe

ikgiejtr · Sep 23, 2008

joo minä poistin tuon BitAccelerator.exe

Hujo · Sep 23, 2008

mites kone toimii

ikgiejtr · Sep 23, 2008

ihan hyvin kai tämä kone toimii.

kannattaako tuo Spybot - Search & Destroy asentaa uudestaan?

ja laitanko minä päälle tuon Windows Defender Turn on real-time protection (recommended)-kohdasta?

Hujo · Sep 23, 2008

ikgiejtr said:

kannattaako tuo Spybot - Search & Destroy asentaa uudestaan?

ja laitanko minä päälle tuon Windows Defender Turn on real-time protection (recommended)-kohdasta?
Click to expand...

Kumpaakin vastaus on Ei

ikgiejtr · Sep 23, 2008

riittääkö nuo ohjelmat sitten avast! Antivirus ja Malwarebytes' Anti-Malware ja ComboFix

Hujo · Sep 23, 2008

Jos jotain haluat laittaa niin laita spywareblasteri
täältä löytyy ne ohjeet myös
tuota pitää välillä päivitellä.

sillä avastissa on taustasuojaus ja noi realiaikaiset häiritsee sen toimintaa

ikgiejtr · Sep 23, 2008

joo minä asensin tuon spywareblasterin.

Kiitos todella paljon avusta.

Log in or Sign up

Kone hidastelee - HjT logi

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Share This Page

Log in or Sign up

Kone hidastelee - HjT logi

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Hujo Guest

ikgiejtr Member

Share This Page

Useful Searches